On Thu, Aug 29, 2013, at 14:58, Arnt Gulbrandsen wrote: > Axel Rau <[email protected]> writes: > > In my nginx.conf, I have > > ssl_ciphers HIGH:!aNULL:!MD5; > > which produces PFS. > > I added it now, but did not commit. >
current recommended cipher settings that defeat BEAST attack look like
this:
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
